Hiring: Network Security Engineer
Job description
Missions:
- Security monitoring
- Investigates detected behaviors in greater depth when an incident has occurred
- Adds context to the incident to understand the behavior, analyzing data from multiple tools and data sources
- Creates reports and visualizations of security attacks
- Tracks trends for metrics and reporting
- Works on reducing false positives
- Maintains the detection rules database
- Leads and participates in the continuous improvement of the service (detection level, process, operational procedures, service efficiency, service reporting)
- Deals with the security incidents detected by the service and leads in-depth analysis of these incidents
- Tier 2 SOC Analysts are also responsible for researching, responding to, and creating tickets within the ticketing system.
Tier 2 Analysts are responsible for:
- Determining service impact of security events.
- Alerting customers to possible malicious activity.
- Working tickets via ticketing system.
- Creating tickets for various needs of the SOC.
- Research and data collection of events of interest.
- Engaging support of Network Operations Center (NOC), Network Engineers and/or the CSIRT (Computer Security Incident Response Team) when necessary.
- Three (3) to five (5) years of Security Incident Response, Security Operations Center, and/or threat analysis experience.
- Demonstrated experience using enterprise and/or cloud Security SIEM technologies as an analyst.
- Ability to support and work across multiple customer and bespoke systems.
- Receive and analyze security alerts from various sources within the enterprise and determine possible causes of such alerts.
- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
- Conduct research, analysis, and correlation across a wide variety of all-source data sets (indications and warnings).
- Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
- false positive, or contact customer as needed.
Required Skills:
- Rigorous and respectful of process. Strong attention to details.
- Strong time management skills with the ability to multitask
- Information Security and operationally oriented mindset
- Team Spirit
- IDS – SIEM – Log Management, Vulnerability scanning technologies, Ticketing system
- Intrusion and Information system corruption techniques
- Knowledge of security policies for information systems
- Autonomous and self-organized
- Analysis and synthesis skills
- Communication and oral expression
Skills required
- Network Security
- Switching
Minimum work experience
- Three to six years
Gender
- Not important
Military service status
- Not important